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1 Fast detection of communication patterns in distributed executions 

Thomas Kunz, Michiel F. H. Seuren 
November 1997 Proceedings of the 1997 conference of the Centre for Advanced Studies 

on Collaborative research 

Full text available: ^ pdf(4.21 MB) Additional Information: full citation , abstract , references , index terms 

Understanding distributed applications is a tedious and difficult task. Visualizations based on 
process-time diagrams are often used to obtain a better understanding of the execution of 
the application. The visualization tool we use is Poet, an event tracer developed at the 
University of Waterloo. However, these diagrams are often very complex and do not provide 
the user with the desired overview of the application. In our experience, such tools display 
repeated occurrences of non-trivial commun ... 

2 Sharing and protection in a single-address-space operating system 

Jeffrey S. Chase, Henry M. Levy, Michael J. Feeley, Edward D. Lazowska 
November 1994 ACM Transactions on Computer Systems (TOCS), Volume 12 issue 4 

Additional Information: full citation , abstract , references , citings , index 

terms 
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Full text available: fB pdf(2.87 MB) 



This article explores memory sharing and protection support in Opal, a single-address- 
space operating system designed for wide-address (64-bit) architectures. Opal threads 
execute within protection domains in a single shared virtual address space. Sharing is 
simplified, because addresses are context independent. There is no loss of protection, 
because addressability and access are independent; the right to access a segment is 
determined by the protection domain in which a thread executes. T ... 

Keywords: 64-bit architectures, capability-based systems, microkernel operating systems, 
object-oriented database systems, persistent storage, protection, single-address-space 
operating systems, wide-address architectures 



A case study in access control requirements for a Health Information System Q 

Mark Evered, Serge Bogeholz 

January 2004 Proceedings of the second workshop on Australasian information 

security, Data Mining and Web Intelligence, and Software 
Internationalisation - Volume 32 

Full text available: t §pdf(1 50.71 KB) Additional Information: full citation , abstract , references 
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We present a detailed examination of the access constraints for a small real-world Health 
Information System with the aim of achieving minimal access rights for each of the involved 
principals. We show that, even for such a relatively simple system, the resulting constraints 
are very complex and cannot be expressed easily or clearly using the static per-method 
access control lists generally supported by component-based software. We derive general 
requirements for the expressiveness of access con ... 

Keywords: Health Information System, access control, component 



4 Presto: an experimental architecture for fluid interactive document spaces Q 

Paul Dourish, W. Keith Edwards, Anthony LaMarca, Michael Salisbury 

June 1999 ACM Transactions on Computer-Human Interaction (TOCHI), Volume 6 issue 2 

Full text available- HI pdf(409 04 KB) Additional Information: full citation , abstract , references , citings, index 

'^ JL - X - — : terms 

Traditional document systems use hierarchical filing structures as the basis for organizing, 
storing and retrieving documents. However, this structure is very limited in comparison with 
the rich and varied forms of document interaction and category management in everyday 
document use. Presto is a prototype document management system providing rich 
interaction with documents through meaningful, user-level document attributes, such as 
"Word file," "published paper," 8d ... 

Keywords: attribute/value systems, direct manipulation, document management 

5 A computer system supporting data abstraction H 

Johannes Madsen 

April 1981 ACM SIGOPS Operating Systems Review, Volume is issue 2 

Full text available: ||] pdf(1.93 MB) Additional Information: full citation , abstract , references 

A computer system designed to support operating system facilities is formally specified. 
With the proposed technology, an operating system in the conventional sense of the word 
becomes superfluous. Instead, the facilities supported by e.g. a general-purpose operating 
system may be implemented as applications of the proposed computer system. This is 
made possible by the ability of the proposed system to support data abstraction rather than 
procedural abstraction as supported by conventional syste ... 

6 Improving the granularity of access control for Windows 2000 Q 

Michael M. Swift, Anne Hopkins, Peter Brundrett, Cliff Van Dyke, Praerit Garg, Shannon Chan, 
Mario Goertzel, Gregory Jensenworth 

November 2002 ACM Transactions on Information and System Security (TISSEC), volume 

5 Issue 4 

Full text available- fi B pdf(447 78 KB) Additional Information: full citation , abstract , references , citings , index 

■ s terms , review 

This article presents the mechanisms in Windows 2000 that enable fine-grained and 
centrally managed access control for both operating system components and applications. 
These features were added during the transition from Windows NT 4.0 to support the Active 
Directory, a new feature in Windows 2000, and to protect computers connected to the 
Internet. While the access control mechanisms in Windows NT are suitable for file systems 
and applications with simple requirements, they fall short of the ... 

Keywords: Access control lists, Microsoft Windows 2000, Windows NT, active directory 
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Danai Patiyoot 

January 2002 ACM SIGOPS Operating Systems Review, Volume 36 issue l 

Full text available: Q pdf(1.75 MB) Additional Information: full citation , abstract , references , index terms 

To be able to fulfil the need of user in wireless ATM, the system has to acquire features. 
One of the system features for the wireless ATM is functionality especially the security 
aspect. There is so far tittle, if not none, security consideration in the developing of wireless 
ATM standard. Therefore a wide range of features in security functions is in consideration. 
This paper tried to define the features of security in wireless ATM networks considering it 
features from existing fixed ATM netwo ... 

Keywords: security, wireless ATM 
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8 Access control with IBM Tivoli access manager Q 

Gunter Karjoth 

May 2003 ACM Transactions on Information and System Security (TISSEC), volume 6 

Issue 2 

Full text available: ^ pdf(367.07 KB) Additional Information: full citation , abstract , references , index terms 

Web presence has become a key consideration for the majority of companies and other 
organizations. Besides being an essential information delivery tool, the Web is increasingly 
being regarded as an extension of the organization itself, directly integrated with its 
operating processes. As this transformation takes place, security grows in importance. IBM 
Tivoli Access Manager offers a shared infrastructure for authentication and access 
management, technologies that have begun to emerge in the com ... 

Keywords: Access control, WWW security, Web servers, authorization management 
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9 File servers for network-based distributed systems Q 

Liba Svpbodova 

December 1984 ACM Computing Surveys (CSUR), Volume 16 issue 4 

Full text available: fl)pdf(4.23 MB) Additional Information: full citation , references , citings , index terms , review 



10 Improving the granularity of access control in Windows NT Q 

Michael M. Swift, Peter Brundrett, Cliff Van Dyke, Praerit Garg, Anne Hopkins, Shannon Chan, 
Mario Goertzel, Gregory Jensenworth 

May 2001 Proceedings of the sixth ACM symposium on Access control models and 
technologies 

Full text available: W\ pdf(259.87 KB) Additional Information: full citation , abstract , references , citings , index 

^ : terms 

This paper presents the access control mechanisms in Windows 2000 that enable fine- 
grained protection and centralized management. These mechanisms were added during the 
transition from Windows NT 4.0 to support the Active Directory, a new feature in Windows 
2000. We first extended entries in access control lists to allow rights to apply to just a 
portion of an object. The second extension allows centralized management of object 
hierarchies by specifying more precisely how access control lis ... 

Keywords: Windows 2000, access control lists 



11 File and storage systems: Decentralized user authentication in a global file system Q 

Michael Kaminsky, George Savvides, David Mazieres, M. Frans Kaashoek 
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October 2003 Proceedings of the nineteenth ACM symposium on Operating systems 

principles 

Full text available: ^pdfd 44.43 KB) Additional Information: full citation , abstract , references , index terms 

The challenge for user authentication in a global file system is allowing people to grant 
access to specific users and groups in remote administrative domains, without assuming 
any kind of pre-existing administrative relationship. The traditional approach to user 
authentication across administrative domains is for users to prove their identities through a 
chain of certificates. Certificates allow for general forms of delegation, but they often 
require more infrastructure than is necessary to sup ... 

Keywords: ACL, SFS, authentication, authorization, credentials, file system, groups, users 



12 Su pport for discretionary role based access control in ACL-oriented operating systems Q 

Christian Friberg, Achim Held 

November 1997 Proceedings of the second ACM workshop on Role-based access control 

Full text available: fi3 pdf(1.11 MB) Additional Information: full citation , references , citings , index terms 



13 TeleNotes: managing lightweight interactions in the desktop Q 

Steve Whittaker, Jerry Swanson, Jakov Kucan, Candy Sidner 

June 1997 ACM Transactions on Computer-Human Interaction (TOCHI), volume 4 issue 2 

Full text available- fjP] pdf(1.01 MB) Additional Information: full citation , abstract , references , citings , index 

terms 

Communication theories and technology have tended to focus on extended, formal 
meetings and have neglected a prevalent and vital form of workplace communication— 
namely, lightweight communication. Unlike formal, extended meetings, lightweight 
interaction is brief, informal, unplanned, and intermittent. We analyze naturalistic data from 
a study of work-place communication and derive five design criteria for lightweight 
interaction systems. These criteria require that systems for lightwe ... 

Keywords: audio, awareness, computer-media spaces, conversation management, 
impromptu communication, informal communication, interpersonal communications, 
lightweight interaction, mediated communication, remote collaboration, task management, 
video 



14 A calculus for access control in distributed systems Q 

Martin Abadi, Michael Burrows, Butler Lampson, Gordon Plotkin 

September 1993 ACM Transactions on Programming Languages and Systems (TOPLAS), 

Volume 15 Issue 4 

Full text available: 4 p|pdf(1.94 MB) Additional Information: full citation , abstract , references , citings , index 

^ terms , review 

We study some of the concepts, protocols, and algorithms for access control in distributed 
systems, from a logical perspective. We account for how a principal may come to believe 
that another principal is making a request, either on his own or on someone else's behalf. 
We also provide a logical language for accesss control lists and theories for deciding 
whether requests should be granted. 

Keywords: cryptographic protocols, cryptography, modal logic 
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file system 

Anthony Harrington, Christian Jensen 

June 2003 Proceedings of the eighth ACM symposium on Access control models and 
technologies 

Full text available: ^ pdf(249.24 KB) Additional Information: full citation , abstract , references , index terms 

Traditional access control mechanisms rely on a reference monitor to mediate access to 
protected resources. Reference monitors are inherently centralized and existing attempts to 
distribute the functionality of the reference monitor suffer from problems of 
scalability. Cryptographic access control is a new distributed access control paradigm 
designed for a global federation of information systems. It defines an implicit access control 
mechanism, which relies exclusively on cryptography to provide ... 

Keywords: access control, cryptography, network file systems 



16 NetWare 4 as an example of role-based access control 

Jeremy Epstein, Ravi Sandhu 

December 1996 Proceedings of the first ACM Workshop on Role-based access control 

Full text available: f Spdf(812.01 KB) Additional Information: full citation , references , citings , index terms 



17 Performance of cache coherence in stackable filing 

J. Heidemann, G. Popek 

December 1995 ACM SIGOPS Operating Systems Review , Proceedings of the fifteenth 

ACM symposium on Operating systems principles, volume 29 issue 5 
Full text available: S pdf(2.00 MB) Additional Information: full citation , references , index terms 



18 Flexible meta access-control for collaborative applications Q 

Prasun Dewan, HongHai Shen 

November 1998 Proceedings of the 1998 ACM conference on Computer supported 

cooperative work 

Full text available: S pdf(1.33 MB) Additional Information: full citation , references , citings , index terms 



Keywords: access control, collaboration, computer supported cooperative work, 
groupware, privacy, security 



19 Distributed operating systems 

Andrew S. Tanenbaum, Robbert Van Renesse 

December 1985 ACM Computing Surveys (CSUR), Volume 17 Issue 4 

Full text available: pdf(5.49 MB) Additional Information: full citation , abstract , references , citings , index 

terms , review 

Distributed operating systems have many aspects in common with centralized ones, but 
they also differ in certain ways. This paper is intended as an introduction to distributed 
operating systems, and especially to current university research about them. After a 
discussion of what constitutes a distributed operating system and how it is distinguished 
from a computer network, various key design issues are discussed. Then several examples 
of current research projects are examined in some detail ... 
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The Alpine file system 

M. R. Brown, K. N. Kolling, E. A. Taft 

November 1985 ACM Transactions on Computer Systems (TOCS), volume 3 issue 4 




Additional Information: full citation , abstract , references , citings, index 

terms , review 



Alpine is a file system that supports atomic transactions and is designed to operate as a 
service on a computer network. Alpine's primary purpose is to store files that represent 
databases. An important secondary goal is to store ordinary files representing documents, 
program modules, and the like. Unlike other file servers described in the literature, Alpine 
uses a log-based technique to implement atomic file update. Another unusual aspect of 
Alpine is that it performs all commu ... 
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DERWENT; 
IBMJTDB 


OR 


ON ' 


2005/01/14 09:54 ! 

:. r - ■ 
- . .. . . i" : ', 
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L20 


38 


19 and (((backup or (back adj up)) 
adj copy) or (auxiliary adj copy)) 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


ON 


2005/01/14 09:48 


L21 


25 


20 and (restor$6 or recover$6) 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM _TDB 


OR 


ON 


2005/01/14 09:45 


L22 


0 


21 and storage adj operation 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


ON 


2005/01/14 09:47 


L23 


0 


20 and storage adj operation 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


ON 


2005/01/14 09:47 


L24 


0 


19 and storage adj operation 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


ON 


2005/01/14 09:47 


L25 


3 


18 and (((original or primary) adj 
copy) or (original adj set)) same 
compar$7 same (backup or (back 
adj up) or (auxiliary adj copy)) 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; i 
IBM_TDB 


OR ! 

■ ■ " i '. 


ON 

. ■ t 4 


2005/01/14 09:49 


L26 


2 


25 and compar$6 and verification 
and verif$5 and check 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBM_TDB 


OR 


ON 


2005/01/14 09:54 


L27 


0 


26 and (restor$6 or recover$6) 


US-PGPUB; 
USPAT; 
EPO; JPO; 
DERWENT; 
IBMTDB 


OR 


ON 


2005/01/14 09:55 
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